help needed in selecting firewall & a antivirus
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: help needed in selecting firewall & a antivirus

  1. #1
    Banned
    Join Date
    Feb 2003
    Posts
    11

    Question help needed in selecting firewall & a antivirus

    hai
    i am the system adminstrator in college. I look after the internet lab maintainence.
    all the systems are connected via broad band.
    most of the systems are affected by virus.Since i can't control what others open/ execute here.
    i would like to set access rights for the students. over the net.
    please help me.
    i would also like to set a firewall.can u guide me to a good (free)firewall.
    does setting a proxy slow down net access speed.




  2. #2
    Senior Member
    Join Date
    Aug 2001
    Posts
    267
    Have had good success with WINPROXY by Ositis. Includes Anti-Virus....and has
    good rules....Black Listing.......Port blocking.....etc

    Only thing it wouldn't stop was MSN Messenger. (NO one can block that damn thing !!!)

  3. #3
    Senior Member
    Join Date
    Aug 2001
    Posts
    352
    a good firewall to stop msn would be tiny personal firewall, they used to have a free version but its not available any more, you could get the old free version off a p2p sharing system such as kazaa, its called pf2.exe about 1.35 meg i think, it has the facility to block traffic on ports as well as block connections from specific programs (such as MSN) so that way you can block MSN from using port 80 and other ports but you still get your other web traffic through, if you installed this on your server it should sort most of the things out for you.

    tiny software

    www.tinysoftware.com

    the proxy shouldnt slow down the net speed much if at all, if you set it up with a cache of some sort you will likely get better speed because you wont need to make a connection over the net to get cached pages

    a good antivirus program that should get you started is AVG anti virus, they have free versions of it as well as the usual pay version and volume licensing version etc etc...

    get it here: www.grisoft.com

    ive found the free one to keep me out of trouble, ha picked up any viruses ive ever got ( from my own silly mistakes usually), it can monitor email, web and EXE type files and should be enough, also has a quick system start up scan for boot type virii

    hope this will help you out a bit

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    No, using a proxy won't slow access down. In fact, because of caching, it might speed it up.

    Your best bet is probably to block direct access completely, and use a proxy or transparent proxy, which supports content filtering.

    Then you can block downloads of (for example), .exe, .zip .rar from untrusted sites, but still allow downloading non-harmful files (for example PDF)

    You really want a desktop antivirus solution set up across the entire network for all workstations. This may cost a bit but it will be worth it. This will prevent any files which do get through the content scanning proxy from infecting them with viruses (for example MSWord macro viruses).

    Then I suppose if people need to download an exe file for a genuine purpose you can download it for them and place on a shared directory.

    -- Oh yes, blocking MSN messenger:

    MSN messenger I believe uses HTTP requests to a given set of hosts. Once you know which hosts they are, you can block them by host name and/or IP.

  5. #5
    Senior since the 3 dot era
    Join Date
    Nov 2001
    Posts
    1,540
    Winproxy by Ositis... bleh... it has a lot of good features and works fine but it was damm unstable. This proxy crashed within 36 hours, again and again. I changed to a *nix solution and that one still runs. We are not speaking of hours now but of months. The Ositis used a more powerfull box than the *nix. It seemed to crash due to internet worms trying to reproduce, I thought this thing was there to prevent those things? It stopped the viruses but it crashed whenever there was one on the network??? so *nix ! and it still rules. However possibly on a better server and with Win2000 Ositis proxy will run smooth and do the job.

  6. #6
    Member
    Join Date
    Jul 2003
    Posts
    49

    Thumbs up

    Just a minor contribution, but I find that ZoneAlarm 3.7.193 is pretty damn good for a product that is free. There was some news a bit back about it having a major flaw. This seems to be not entirely true and can be cleared up by going to here. Check out tonybradley's post at the bottom of the page.

    I don't know much about security - yet, but hope to learn more.

    I reckon ZoneAlarm is definately an option although a question from me, from this is would be:

    Do you need something 'bigger' than the free version of ZoneAlarm if you are administering a large University network?
    [gloworange]Athlon XP 2100+ 1.74GHz
    512MB PC2100 DDR-SD RAM
    RADEON 9600XT 256MB[/gloworange]

  7. #7
    Member
    Join Date
    Mar 2002
    Posts
    38
    I suggest try Agnitum Outpost Firewall for me this one is simply the best.You can download a fee version witch offers basic protection.
    http://www.agnitum.com/download/outpostfree.html
    it really do have a nice interface & does the job.dont forget to keep it updated.
    The Power Of Your Imagination:

  8. #8
    Senior Member
    Join Date
    Aug 2001
    Posts
    267
    VictorKaum: appreciate your comments about 'WinProxy' (36 hours). We had it running on NT4 (sp5) for months without any problems. Only reason we downed it was to upgrade the hard drive. Ran for months after that too. Cheers

    slarty (bartfast ?) MSN Messenger....tried blocking 'every' site it connected to, and the port it used (1863?). Didn't work. And Microsoft are proud that MSN will 'find its own way' to the internet by using the HTTP proxy port.

  9. #9
    Banned
    Join Date
    May 2003
    Posts
    1,004
    FWTK: http://www.fwtk.org/

    It's free, it will do what you need it to. You can filter by ports, content, typing, protocols, whatever. heck you can even interface it with various modules floting around that actually look at content content... as in: 'what is the jpeg is of?', or 'what is the document is about?'

    I think the only you'd find better would be Guantlet (which is based off of FWTK) or Sidewinder (which is based off, albeit more loosely, of LOCK likely the most secure system and the foundation of/inspiration for many of the most secure systems: SMG & AITS6), but both of these firewalls are pricey and although FWTK isn't really in the same leauge with those two, it is pretty much the closest to them.

    catch

  10. #10
    Junior Member
    Join Date
    Jul 2003
    Posts
    27

    Here's a link with some good free software

    Here's a link with with not only some free antivirus, firewalls, but also spam blockers, bot killers, email encrytions and others...... http://www.firewallguide.com/freeware.htm

    The only way I've been able to kill MSN messager is by killing it with my firewall rules



    MSgtN

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides